Tag: azure
Friday’s Learning Day – Azure Arc
My weekly Friday schedule are normally allocated for learning or revising certain topics, if there are no proposal or pressing datelines to look at. So this morning since I’ve decided not to do any workout, I just chose this video on Azure Arc, can’t recall…
Choosing an Appropriate Retention Period for Microsoft Sentinel Workspaces
Data Retention in Microsoft Sentinel When you deploy Microsoft Sentinel, one of the design decisions to make is how long data should be kept. This is part of the data retention configuration for the underlying Log Analytics workspace. The retention period is one of the most…
Logstash, Meet Sentinel… Sentinel, Meet Logstash!
Background In both our free workshop and popular Defending Enterprises training we heavily utilise Elastic’s Winlogbeat, Auditbeat, Filebeat and Packetbeat agents. In past editions this data finally ended up in an Elastic backend which was accessed using Kibana. A common setup that works well. Since the release of Microsoft Sentinel back in 2019 there have been many improvements,…
